Category: Health Data

Over on The New School of Information Security, Adam Shostack responded to my recent blog entry about what can we learn from the HHS breach reports.   Looking at “insider” incidents,  Adam writes, in part: There were 10 incidents, (6% of all incidents involving 500 or more people). They impacted 50,491 people (1% of all…

Howard Anderson reports: … A personal health record is an “electronic record of identifiable health information on an individual that can be drawn from multiple sources and that is managed, shared and controlled by or primarily for the individual,” according to the FTC. Last year, the FTC issued a PHR breach notification rule, as called for under…

After the Tyler Clementi suicide, there’s been a lot of talk about how privacy invasions or privacy breaches might lead to desperate measures such as suicide. The veteran at the heart of a terrible privacy breach involving the Department of Veterans Affairs in Canada says that the violation of his privacy made him suicidal: A…

I was running my usual searches and the like to find items that I might want to post to my blogs, when I came across a link to an item and where the first line or so of the entry in the search engine results looked interesting. So I clicked on the link, only to…

It’s now been a full year since the new breach reporting requirements went into effect for HIPAA-covered entities.   Although I’ve regularly updated this blog with new incidents revealed on HHS’s web site,  it might be useful to look at some statistics for the first year’s worth of reports. During this period,  166 breaches each…